NetVAD proposes a novel, identifier-free Variational Autoencoder that leverages frozen Foundation Models to achieve highly competitive unsupervised performance for zero-day intrusion detection.

The paper proposes an ensemble learning framework combined with SHAP-based Explainable AI (XAI) to achieve robust and interpretable anomaly detection for network traffic in embedded systems.

The paper introduces an end-to-end framework that not only detects network intrusions using deep learning but also generates actionable, citation-grounded mitigation reports using a Retrieval-Augmente…

The paper proposes ExAI5G, a logic-based explainable AI framework that integrates a Transformer-based IDS with XAI techniques to provide highly accurate and transparent intrusion detection for 5G netw…

This paper proposes a comprehensive framework for network intrusion detection using unified multi-modal datasets and evaluates advanced adversarial learning methods for generating high-fidelity synthe…

The paper demonstrates that simpler, shallower Deep Neural Network architectures with reduced features and ReLU activations can inherently improve the robustness of ML-NIDS against gradient-based adve…

MA-IDS proposes a Multi-Agent RAG framework that uses LLMs and a self-building Experience Library to achieve explainable and self-improving intrusion detection for resource-constrained IoT networks.

The paper proposes SDNGuardStack, an explainable ensemble learning framework that achieves high-accuracy intrusion detection (99.98%) in Software-Defined Networks using the InSDN dataset.

The paper evaluates AI's effectiveness in detecting network intrusions and cryptographic side-channel leakage, finding high accuracy in stable environments but performance degradation with novel traff…

The paper proposes XAI FL-IDS, a novel framework that combines Federated Learning and SHAP-based explainability to build a privacy-preserving and highly accurate distributed Intrusion Detection System…

The paper proposes PROVFUSION, a multi-view fusion framework that integrates anomaly signals from attribute, structure, and causality views to overcome the limitations of single node- or edge-centric…

ML Defender (aRGus NDR) is an open-source, embedded Machine Learning Network Intrusion Detection System (NIDS) that achieves superior detection rates for botnet and anomalous traffic on resource-const…

This paper proposes an explainable threat attribution system for IoT networks that uses SHAP and flow behavior modeling to accurately classify and explain over 30 distinct attack variants into 8 meani…

The paper proposes LARAR, a novel layer-wise adaptive regularization approach that enhances the adversarial robustness of neural network-based Network Intrusion Detection Systems by analyzing and miti…

The paper introduces GMA-SAWGAN-GP, a novel generative framework that significantly enhances Intrusion Detection System (IDS) performance by augmenting mixed-type network traffic data, especially impr…

This paper develops and analyzes various ensemble models, culminating in an XGBoost-based system, to reliably detect UAV intrusions using XAI and advanced statistical methods to pinpoint the root caus…

The study assesses the generalization capability of supervised machine learning models for intrusion detection using UNSW-NB15 and TON_IoT, finding a significant performance drop when models are teste…

This Survey of Knowledge (SoK) identifies a disconnect between academic NIDS research and real-world operational contexts, proposing foundational changes to reshape future research.

The paper proposes a few-shot network intrusion detection system using online triplet mining and a KNN classifier, achieving competitive performance even when trained on very limited samples of malici…

This paper enhances an existing autonomous online Intrusion Detection System (AOC-IDS) for IoT by addressing class imbalance, pseudo-label reliability, and computational overhead, achieving significan…